/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */

package com.jkoa.mgr;


import com.google.inject.Inject;
import com.jkoa.dao.PenggunaDAO;
import com.jkoa.model.Pengguna;
import com.jkoa.stripes.config.JkoaActionBeanContext;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.sourceforge.stripes.action.ActionBeanContext;
import net.sourceforge.stripes.security.controller.StripesSecurityManager;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;


/**
 *
 * @author fikri
 */

public class SecurityManager implements StripesSecurityManager{

    private static final Logger LOG = Logger.getLogger(SecurityManager.class);
    private static boolean isDebug = LOG.isDebugEnabled();
    
   

    @Override
    public boolean isUserInRole(List<String> roles, ActionBeanContext context) {        
        
        if (roles == null || roles.isEmpty()) return false;        
       
        Pengguna pengguna = (Pengguna) context.getRequest().getSession().getAttribute(JkoaActionBeanContext.KEY_USER);

        LOG.info("pengguna = " + pengguna.getIdPengguna());

        String[] rolesList = (String[])roles.toArray();        

        try{           
            
           String userType = pengguna.getKodPguna().getKod();

            for(String user : rolesList) {
                if (user.equals(userType)) return true;
            }
            
        }catch (Exception ex) {
            LOG.error(ex);
        } 
        return false;
    }

    @Override
    public boolean isUserInRole(List<String> roles, HttpServletRequest request, HttpServletResponse response) {
        Pengguna pengguna = (Pengguna) request.getSession().getAttribute(JkoaActionBeanContext.USER_ID_KEY);
        if (isDebug) LOG.debug("pengguna = " + pengguna.getIdPengguna());

        String[] rolesList = (String[])roles.toArray();

        try{

           String userType = pengguna.getKodPguna().getKod();

            for(String user : rolesList) {
                if (user.equals(userType)) return true;
            }

        }catch (Exception ex) {
            LOG.error(ex);
        }
        return false;
//        throw new UnsupportedOperationException("Not supported yet.");
    }

}
